mirror of https://github.com/carlospolop/hacktricks.git synced 2023-12-14 19:12:55 +01:00

GitBook: [master] 3 pages modified

CPol 2021-08-10 23:35:14 +00:00 committed by gitbook-bot
parent 4c0e433c48
commit ce53378418
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
3 changed files with 16 additions and 3 deletions

@ -186,7 +186,12 @@ csrutil status
System Integrity Protection status: enabled.
```
If you want to disable it, you need to put the computer in recovery mode \(start it pressing command+R\) and execute: `csrutil disable`
If you want to **disable** **it**, you need to put the computer in recovery mode \(start it pressing command+R\) and execute: `csrutil disable`
You can also maintain it **enable but without debugging protections** doing:
```text
csrutil enable --without debug
```
## Common users
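Review bot: the added `csrutil enable --without debug` line does not say that it, like `csrutil disable` above it, has to be run from recovery mode, so a reader can take the recovery-mode requirement as applying only to the first command. Suggest stating the requirement once for both commands. The wording "maintain it **enable but without debugging protections** doing" should read "keep it **enabled but without debugging protections** with", and the split emphasis `**disable** **it**` can be a single `**disable it**`.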

@ -49,7 +49,11 @@ The params this function expects are:
## Dynamic Analysis
{% hint style="warning" %}
These tools require **SIP to be disabled** or to copy the binaries to a temporary folder and **remove the signature** with `codesign --remove-signature <binary-path>`
Note that in order to debug binaries, **SIP needs to be disabled** \(`csrutil disable` or `csrutil enable --without debug`\) or to copy the binaries to a temporary folder and **remove the signature** with `codesign --remove-signature <binary-path>` or allow the debugging of the binary \(you can use [this script](https://gist.github.com/carlospolop/a66b8d72bb8f43913c4b5ae45672578b)\)
{% endhint %}
{% hint style="warning" %}
Note that in order to **instrument system binarie**s, \(such as `cloudconfigurationd`\) on macOS, **SIP must be disabled** \(just removing the signature won't work\).
{% endhint %}
### dtruss
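Review bot: the rewritten first hint chains its options with repeated "or" (`csrutil disable`, `csrutil enable --without debug`, removing the signature from a copy, the linked script), so it is hard to tell which are SIP settings and which are alternatives to changing SIP; a short bullet list inside the hint would read better. The gist is linked only as "this script", so say in a few words what it changes on the binary. In the second hint the bold closes mid-word and is followed by a stray comma: `**instrument system binarie**s, \(such as` should be `**instrument system binaries** \(such as`.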
@ -214,4 +218,5 @@ Or use `netstat` or `lsof`
## References
* [https://www.youtube.com/watch?v=T5xfL9tEg44](https://www.youtube.com/watch?v=T5xfL9tEg44)
*
* [https://taomm.org/vol1/analysis.html](https://taomm.org/vol1/analysis.html)
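Review bot: the reference list has an empty `*` bullet between the YouTube link and the taomm.org link, which renders as a blank list item. Drop it so the list is two consecutive entries.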

@ -75,5 +75,8 @@ If you feel like Bonjour might be more secured **disabled**, you can do so with:
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
```
## References
* [**The Mac Hacker's Handbook**](https://www.amazon.com/-/es/Charlie-Miller-ebook-dp-B004U7MUMU/dp/B004U7MUMU/ref=mt_other?_encoding=UTF8&me=&qid=)\*\*\*\*
* \*\*\*\*[**https://taomm.org/vol1/analysis.html**](https://taomm.org/vol1/analysis.html)\*\*\*\*
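Review bot: both new reference entries carry runs of escaped asterisks (`\*\*\*\*`) before or after the link, which will render as literal asterisks; remove them. The Amazon URL also keeps a locale path and an empty query string (`ref=mt_other?_encoding=UTF8&me=&qid=`), which can be trimmed from the link. `## References` follows the closing code fence with no blank line between them; add one.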